From ba9d7e44dd417c6de4ff8c8e8a21ae27b6be9608 Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Sat, 22 Sep 2018 15:09:08 -0700 Subject: [PATCH] asset/*: fix ip address calculations The issue was a result of IPNet's ParseCIDR() always returning a 16-byte address, while some third-party libraries assume that the address length corresponds to whether or not IPv6 is in use. --- pkg/asset/manifests/kube-core-operator.go | 4 +--- pkg/ipnet/ipnet.go | 14 +++++++++++++- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/pkg/asset/manifests/kube-core-operator.go b/pkg/asset/manifests/kube-core-operator.go index 8e5c7c0f210..ccaff3983b0 100644 --- a/pkg/asset/manifests/kube-core-operator.go +++ b/pkg/asset/manifests/kube-core-operator.go @@ -2,7 +2,6 @@ package manifests import ( "fmt" - "net" "strings" "github.com/ghodss/yaml" @@ -85,8 +84,7 @@ func (kco *kubeCoreOperator) coreConfig() (*kubecore.OperatorConfig, error) { coreConfig.AuthConfig.OIDCGroupsClaim = authConfigOIDCGroupsClaim coreConfig.AuthConfig.OIDCUsernameClaim = authConfigOIDCUsernameClaim - svcCidr := kco.installConfig.Networking.ServiceCIDR - ip, err := cidr.Host(&net.IPNet{IP: svcCidr.IP, Mask: svcCidr.Mask}, 10) + ip, err := cidr.Host(&kco.installConfig.Networking.ServiceCIDR.IPNet, 10) if err != nil { return nil, err } diff --git a/pkg/ipnet/ipnet.go b/pkg/ipnet/ipnet.go index e6a4c3e4f5e..59c20d976a6 100644 --- a/pkg/ipnet/ipnet.go +++ b/pkg/ipnet/ipnet.go @@ -52,7 +52,19 @@ func (ipnet *IPNet) UnmarshalJSON(b []byte) (err error) { if err != nil { return err } - ipnet.IP = ip + + // This check is needed in order to work around a strange quirk in the Go + // standard library. All of the addresses returned by net.ParseCIDR() are + // 16-byte addresses. This does _not_ imply that they are IPv6 addresses, + // which is what some libraries (e.g. github.com/apparentlymart/go-cidr) + // assume. By forcing the address to be the expected length, we can work + // around these bugs. + if ip.To4() != nil { + ipnet.IP = ip.To4() + } else { + ipnet.IP = ip + } ipnet.Mask = net.Mask + return nil }